Lesson 10 – SECURING YOUR NETWORK

Security devices

Internal security

External security

Viruses and other malicious software

OVERVIEW

Firewall:

System enforcing security policy between two Networks.

SECURITY DEVICES

Proxy Server:

Server acting as a proxy (an anonymous intermediary) for

Network users.

Security devices

Packet filter:

Enables users to set criteria for allowed and disallowed packets.

Security devices

Securing Network from internal threats like:

Accessing information inappropriately.

Accessing other users’ files.

Impersonating other users.

Performing criminal activities on systems.

Packet “sniffing” on the Network.

INTERNAL SECURITY

Account security

File and directory permissions

Practices and user education

Internal security

Process of managing the user accounts enabled on the

Network.

Account security

To manage security:

Remove the guest account.

Rename the default name for the administrative account.

Remove access to Network resources.

Work closely with HR/legal departments.

Review newly assigned permissions.

Account security

To maintain password security:

Get users to change their Network password regularly.

Set the reuse policy.

Have passwords that are at least eight characters long.

Establish thresholds.

Account security

Control access to files and directories by using built-in

permissions.

File and directory permissions

Generic directory roles:

Create only

Read only

Change

Full control

File and directory permissions

Inform users what is expected of them in terms of security.

Discuss security issues with new employees.

Have users acknowledge their understanding.

Periodically audit users’ security actions.

Review the NOS’ security logs.

Practice and user education

Process of securing the Network from external threats.

EXTERNAL SECURITY

Types of threats:

Front-door threats

Back-door threats

Denial of service

External security

Arise when a user from outside the company finds a user

password and logs on to the Network.

Front-door threats

Solutions:

Separate Network resources accessed from and outside the LAN.

Control users accessing LAN from outside the LAN.

Set up a separate remote access account for remote users.

Set up user accounts to use dial-back.

Change password when employee with broad access resigns.

Front-door threats

Software or hardware bugs in the Network’s OS enabling an

outsider to crack the Network’s security.

Back-door threats

Back-door threats

Solutions:

Host the company’s web site on an external server.

Implement a firewall router.

Review security settings for the web server.

Place web server for non-employees outside the firewall.

Attacks that deny service to the Network.

Denial of service

Denial of service

Solutions:

Keep various Network software “current”.

Disallow Internet Control Message Protocol (ICMP) traffic

service.

Denial of service

Demilitarized Zone (DMZ):

The area between computers placed between the firewall an

connection to an external Network.

VIRUSES AND OTHER MALICIOUS SOFTWARE

Program that spreads by infecting other files with a copy of

itself.

Files infected by viruses include program files (.COM, .EXE,

and .DLL).

Virus

Program that propagates by sending copies of itself to other

computers.

Spreads by attaching to e-mails along with a message.

Worm

Program that claims to do something interesting and

performs malicious actions in the background.

Trojan horse

Malicious piece of programming code inserted into a normal

program.

Can be timed to erase key files.

Logic bomb

Internal security:

Account security

Account password security

File and directory permissions

SUMMARY

External security:

Front-door threats

Back-door threats

Denial of service

Summary

Viruses and other malicious software:

Viruses

Worms

Trojan horses

Logic bombs

Summary